This Week's Headlines
- Southern Water Reports £4.5 Million Loss from Black Basta Ransomware Attack
- Bybit Suffers $1.5 Billion Cryptocurrency Theft in Largest Exchange Hack to Date
- DDoS Attacks Surge by 550% in 2024
- Malicious ‘PirateFi’ Game Infects Steam Users with Vidar Stealer Malware
- Critical Remote Code Execution Vulnerability Discovered in MITRE Caldera Framework
- DISA Global Solutions Data Breach Exposes Personal Information of 3.3 Million Individuals
Southern Water Reports £4.5 Million Loss from Black Basta Ransomware Attack
In February 2024, Southern Water, a major UK water supplier, experienced a cyberattack attributed to the Black Basta ransomware group. The company has now disclosed that the incident resulted in expenses totaling €5.44 million (£4.5 million).
Despite the breach, which compromised data from a limited part of their server estate, Southern Water maintained that its operational, financial, and customer-facing systems remained unaffected.
The financial impact was detailed in the company’s recent report, highlighting the significant costs associated with cybersecurity incidents.
Bybit Suffers $1.5 Billion Cryptocurrency Theft in Largest Exchange Hack to Date
On February 21, 2025, Dubai-based cryptocurrency exchange Bybit experienced a sophisticated cyberattack resulting in the theft of approximately €1.43 billion ($1.5 billion) in digital assets, primarily Ethereum. This incident marks the largest cryptocurrency exchange hack recorded to date.
The attackers exploited vulnerabilities during a routine transfer between digital wallets, redirecting the funds to unidentified addresses.
Bybit has assured its users that remaining assets are secure and has secured emergency funding to replenish its reserves. Blockchain analysis companies have linked the attack to North Korea’s Lazarus Group, a state-sponsored hacking collective known for targeting cryptocurrency platforms to fund governmental activities.
Bybit is actively collaborating with blockchain analytics experts to trace and recover the stolen assets.
DDoS Attacks Surge by 550% in 2024
In 2024, Distributed Denial-of-Service (DDoS) attacks experienced a dramatic 550% increase compared to the previous year, as reported by Radware’s 2025 Global Threat Analysis Report. This surge is primarily attributed to geopolitical conflicts and the proliferation of AI technologies, which have lowered the barrier to entry for cybercriminals.
The Europe, Middle East, and Africa (EMEA) region was notably impacted, accounting for 78% of global incidents. Industries such as telecommunications and finance faced significant challenges, with the latter witnessing a 393% year-over-year escalation in network-layer DDoS attacks.
The report emphasises the necessity for dynamic defense strategies to combat the evolving cyber threat landscape.
Malicious ‘PirateFi’ Game Infects Steam Users with Vidar Stealer Malware
A recently released game on Steam, titled ‘PirateFi,’ has been found distributing the Vidar Stealer malware, compromising users’ sensitive information.
The game, described as a survival adventure set on the open sea, garnered positive reviews before its malicious nature was discovered. After approximately a week online, Steam removed ‘PirateFi’ from its platform and notified affected users via email.
The SECUINFRA Falcon Team analysed the malware and confirmed it as a variant of the Vidar Stealer, capable of extracting credentials, session cookies, and other sensitive data from browsers, email clients, and cryptocurrency wallets.
Users who installed ‘PirateFi’ are advised to manually delete the game files from their systems, particularly from the Steam Library and %Temp% folders, and perform a thorough antivirus scan to remove any remaining malicious components.
Critical Remote Code Execution Vulnerability Discovered in MITRE Caldera Framework
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-27364, has been discovered in all versions of MITRE Caldera prior to commit 35bc06e.
This flaw stems from improper input sanitisation in the dynamic agent compilation functionality of Caldera’s Manx and Sandcat agents. Exploiting this vulnerability allows unauthenticated attackers to execute arbitrary code on the server hosting Caldera, potentially leading to full system compromise.
Users are strongly advised to update to version 5.1.0 or later to mitigate this risk.
DISA Global Solutions Data Breach Exposes Personal Information of 3.3 Million Individuals
DISA Global Solutions, an employee screening and compliance services provider, has disclosed a data breach affecting over 3.3 million individuals.
The breach occurred between February 9 and April 22, 2024, during which unauthorised parties accessed sensitive personal information, including names, Social Security numbers, driver’s license details, and financial account information. Upon discovering the intrusion on April 22, 2024, DISA initiated an internal investigation with third-party cybersecurity experts, secured its network, and implemented additional security measures.
The company has begun notifying affected individuals and is offering 12 months of complimentary credit monitoring and identity restoration services through Experian. Despite the significant delay in public disclosure, DISA asserts there is no evidence of misuse of the compromised data.